The Shadow Brokers is the mysterious group that in October 2016 claimed to have stolen a bunch of hacking tools used by the NSA for its operations.
At the end of October 2016, the hackers leaked a fresh dump containing a list of servers that were hacked by the NSA-linked group known as Equation Group.
The Equation group compromised these targets using the hacking tools codenamed as INTONATION and PITCHIMPAIR. The Shadow Brokers provided the links to two distinct PGP-encrypted archives, the first one offered for free as a proof of the hack (its passphrase was ‘auctioned’), for the second one the group requested 1 million BTC.
The first archive was containing roughly 300MBs of data, including firewall exploits, hacking tools, and scripts with cryptonyms like BANANAUSURPER, BLATSTING, and BUZZDIRECTION.The Equation Group ‘s hackers targeted products made by Cisco, Fortigate, Juniper, TOPSEC, and Watchguard.
The majority of files are at least three years old, meanwhile, the newest timestamp dating to October 2013.Early October, TheShadowBrokers complained that no one seems to be bidding on their precious archive, an alleged member of the hacker group expressed his dissent on the lack of interest in ponying up bitcoins to release the full NSA data dump.A couple of weeks before the group announced the launch of a crowdfunding campaign for the stolen arsenal because its auction received offers for less than two bitcoins.
Back to the present, today the Shadow Brokers group released more alleged hacking tools and exploits that allegedly belong to the Equation Group.
The group has launched the bomb, it has finally released password for the encrypted dump of NSA files and anyone can access them.
The group shared the following password:
CrDj”(;Va.*NdlnzB9M?@K2)#>deB7mN
in a blog post on the Medium platform titled “Don’t Forget Your Base“
The post is an open letter to President Donald Trump, the group expressed its point of view on the Trump’s policy, it explicitly refers Goldman Sach, the air strike against Syria and removal of Steve Bannon from the National Security Council, among others.
“Respectfully, what the fuck are you doing? TheShadowBrokers voted for you. TheShadowBrokers supports you. TheShadowBrokers is losing faith in you. Mr. Trump helping theshadowbrokers, helping you. Is appearing you are abandoning “your base”, “the movement”, and the peoples who getting you elected.” reads the post.
A security expert that goes online with the Twitter handle x0rz, has uploaded all files after decryption on Github.
A close look at the archive revealed the existence of numerous tools that was developed to target specific platforms, including:
If you want, the group is still accepting donations, below its Bitcoin wallet: 19BY2XCgbDe6WtTVbTyzM9eR3LYr6VitWK
That received a total of 10.41198465 bitcoins
Stay Tuned … it is just the beginning!
[adrotate banner=”9″] | [adrotate banner=”12″] |
(Security Affairs – Shadow Brokers, NSA)
[adrotate banner=”5″]
[adrotate banner=”13″]
The MITRE Corporation revealed that a nation-state actor compromised its systems in January 2024 by…
China-linked threat actors are preparing cyber attacks against U.S. critical infrastructure warned FBI Director Christopher…
The United Nations Development Programme (UNDP) has initiated an investigation into an alleged ransomware attack…
BlackBerry reported that the financially motivated group FIN7 targeted the IT department of a large…
An international law enforcement operation led to the disruption of the prominent phishing-as-a-service platform LabHost.…
Russia-linked APT Sandworm employed a previously undocumented backdoor called Kapeka in attacks against Eastern Europe since…
This website uses cookies.